Drupal is a powerful tool that can be configured many ways, sometimes insecurely. Knowing attack vectors against your site and how to prevent them is important for everyone building a Drupal site. In this session, aimed at site-administrators, we'll discuss some vulnerabilities, proper configuration, and what you can do to maintain your site's security.
* Common vulnerabilities and what they mean
* Drupal defaults and why you should care
* Trusting site visitors
* How to recover from attack
Attendees will receive a better understanding of web security and the importance of a strong security process. The session covers a broad set of topics and is designed to provide a foundational, yet functional, introduction to Drupal security.
About the speakers:
Members of the Drupal Security Team, Ben Jeavons and GÃ¡bor Hojtsy have spoken on security at previous DrupalCon's and at many DrupalCamps. Additionally, GÃ¡bor is the Drupal 6 branch co-maintainer and Ben co-wrote the Drupal Security Report.